Securing your account according to the GDPR

Data protection by design and default require controllers to ensure the security of their ScheduleOnce accounts. By default, ScheduleOnce requires Users to use a secure password with at least six characters, including numbers and letters. In addition to our default settings, ScheduleOnce also allows Users to set custom security policies such as stricter password policies, account lockout and short sessions. These additional security policies ensure that you are protecting your account to the highest degree possible.

Configure security settings for your ScheduleOnce account

1. In your ScheduleOnce account, go to Account -> Security. You will land on the Password policies section (See Figure 1).

Figure 1: The Password policies section of the Security settings

2. Define your password policy. You can set a minimum length, complexity, expiration period, and whether users can reuse their previous passwords. When finished, press Save.

3. Click on the Account lockout policies section. Click to enable Account lockout. This protects against brute force login attempts and automatically suspends account access when multiple failed login attempts have been identified. Select the number of times a user can unsuccessfully try to login within a specific time frame. When finished, press Save (See Figure 2).

Figure 2: Account lockout policies section of the Security settings

4. Click on the Session policies section (See Figure 3). Click to enable Short sessions. This setting will automatically sign out users after a specific period of inactivity. Define the period of time until users are signed out. When finished, press Save.